<?php

/* $Id: Login.class.php 120 2008-05-05 22:34:49Z joshuarudd $ */

class Login
{
		
	function __construct($cms){
		
		$this->cms = $cms;
		$this->db = $this->cms->db;
		
		if(isset($this->cms->pathA[1])){
			$this->action = $this->cms->pathA[1];
		}else{
			$this->action = '';
		}
		
		
		if(!empty($_POST['email']) && isset($_POST['reset_password'])){
			
			//create random hash
			$string = md5(time());
			$h_s = 32;
			$pass = substr($string,rand(0,$h_s),16);
			
			//check if you exists and update DB
			$q = $this->db->queryRow("SELECT id,email FROM " . BLACKBIRD_USERS_TABLE . " WHERE email = '$_POST[email]'");
			if($q['email'] == $_POST['email']){
				$row_data = array(array('field'=>'password', 'value'=>sha1($pass) ));
				
				$this->db->update(BLACKBIRD_USERS_TABLE,$row_data,"id",$q['id']);
				
				$html_template =  "Your password has been reset!";
				$html_template .= "<p>$pass</p>";
				$html_template .= "<p>To log in <a href=\"http://$_SERVER[HTTP_HOST]" . BLACKBIRD_ROOT . "login\">Click Here</a></p>";
				
				$message = array();
				$message['to_address'] = $_POST['email'];
				$message['subject'] = 'CMS Password Reset';
				$message['body'] = $html_template;
				
				$this->cms->sendEmail($message);
				
				Utils::metaRefresh(BLACKBIRD_ROOT . 'login/confirm/' . $_POST['email']);
				
			}else{
				Utils::metaRefresh(BLACKBIRD_ROOT . 'login/?e=2');
			}
			
			die();
		
		}
		
		if(!empty($_POST['email']) && !empty($_POST['password'])){
			
			$pass = sha1($_POST['password']);
			$email = $_POST['email'];
			
			if($this->cms->session->login($pass,$email)){
				
				if(isset($_REQUEST['redirect'])){
					Utils::metaRefresh($_REQUEST['redirect']);
				}else{
					Utils::metaRefresh(BLACKBIRD_ROOT . "home");
				}
				
			}else{
				Utils::metaRefresh(BLACKBIRD_ROOT . "login/?e=1");
				die();
			}
	
		}else{
			//$this->buildPage();
		}
		
	}

	function buildPage()
	{
		
		$this->cms->label = "";
		
		/* BEGIN: TOOLBAR ---------------------------------------------------- */
		
		$r = '<div id="bb_toolbar">';
		$r .= '<h1>' . BLACKBIRD_CLIENT . ' Login</h1>';
		$r .= '</div>';
		
		print $r;
		
		/* END: TOOLBAR ------------------------------------------------------ */
		
		
		
		/* BEGIN: NOTIFICATIONS ---------------------------------------------- */
		
		$e = Utils::setVar("e");
		$r = '';
		
		// Errors
		switch ($e):
			
			case "1":
				$r .= '<div class="message error">Invalid email or password, please try again or <a href="' . BLACKBIRD_ROOT . 'login/reset">Reset Password</a>.</div>';
			break;
			
			case "2":
				$r .= '<div class="message error">No user with this email exists! Please try again or have an admin create an account for you.</div>';
			break;
			
			case "3":
				$r .= '<div class="message error">Break in</div>';
			break;
			
		endswitch;
		
		// Action Messages
		switch ($this->action):
			
			case "reset":
				$r .= '<div class="message"><p>Enter your email and a new password will be created and sent to you. After logging back in, you can change your password by editing your profile page.</p></div>';
			break;
			
			case "confirm":
				$email = $this->cms->pathA[2];
				$r .= '<div class="message ok"><p>A new password has been generated and sent to ' . $email . '</p></div>';
			break;
		
		endswitch;
		
		print $r;
		
		/* END: NOTIFICATIONS ------------------------------------------------ */
		
		
		
		/* BEGIN: MODULE ----------------------------------------------------- */
		
		$r = '<div id="bb_module" class="login">';
		
		$r .= '<form name="user_form" id="user_form" action="'.BLACKBIRD_ROOT.'login" method="post">';
		ob_start();
		Forms::text("email",'',array('label'=>'Email'));
		$r .= ob_get_contents();
		ob_end_clean();
		
		if ($this->action == "reset") {
			ob_start();
			Forms::hidden("reset_password","yes");
			$r .= ob_get_contents();
			ob_end_clean();
			$r .= '
			<div class="buttons">
			<a class="button reset_password" href="#" onclick="validate(\'user_form\');" >Reset</a>
			<a class="button cancel" href="#" onclick="window.location = CMS.getProperty(\'cms_root\') + \'login\'" >Cancel</a>
			</div>';
		} else {
			if (isset($_REQUEST['redirect'])) {
				ob_start();
				Forms::hidden("redirect",$_REQUEST['redirect']);
				$r .= ob_get_contents();
				ob_end_clean();
			}
			ob_start();
			Forms::text("password","",array('type'=>'password','label'=>'Password'));
			$r .= ob_get_contents();
			ob_end_clean();
			$r .= '
			<div class="buttons">
			<a class="button login" href="#" onclick="validate(\'user_form\');" >Login</a>
			</div>';
			$r .= '<script type="text/javascript">
				Event.observe("password","keypress",function(event){
					if(event.keyCode == Event.KEY_RETURN){
						$("user_form").submit();
					}
				});
			</script>';
		}
		$r .= "</form>";
		$r .= '</div>';
		
		print $r;
		
		/* END: MODULE ------------------------------------------------------- */
		
	}

}